Method and system for securing transactions in a point of sale

ABSTRACT

A system for payment in a point of sale is disclosed. The system may include one or more payment unit and one or more remote servers. Each payment unit may include one or more biometric sensors; a communication unit including a first cannel for communicating with a cash register and a second channel for communicating with the one or more remote servers; and a local processor configured to: receive biometric data of a person from the one or more biometric sensors; receive a request for payment from the cash register, via the first channel; and encrypt and send the information to at least one remote server for authentication and payment.

BACKGROUND OF THE INVENTION

The process of paying for goods or services in a point of sale had notchanged significantly in recent years. Nowadays, in order to pay forgoods or services a customer is interested in, he or she would have twopayment options, either pay with cash or pay with a payment card (i.e.,credit card, debit card or prepaid card). A credit card payment willrequire the customer to either hand the card to a merchant or pass ithimself in a card reader being in communication (or included) in thecash register. From this point on, a highly secured communication istaking placed between the card reader and a payment processor (or athird-party processor). A payment processor may be defined as aprocessor that handles the details of processing credit cards or otheraccounts related to a customer. The payment processor may further handletransactions between merchants, banks, and merchant account providersany component along the way must obey the very strict security standardsof the credit companies, also known in the art as Payment Card IndustryData Security Standard (PCI DSS).

The major weakness of this payment method lays in the very first step“the customer must hold a physical card”. For example, the customer'scredit card may be a stolen card used by unauthorized customer.Currently the only way the merchant can verify that the customer holdingthe card is the rightful owner of the card, is by asking the customer toenter a code that should have been known only to the customer or ask foran ID card. This method has several major fallbacks, for example,: 1)many people save or write their codes on notes in their wallets orsmartphones, so when someone's bag or wallet is stolen, the thief cancombine the code, the ID card and the credit card; 2) many people (e.g.,elderly people) have difficulty remembering such codes, and 3)multi-card holders need to remember a plurality of codes and to furtherremember which code is associated with which credit card. Anothercurrently use “authentication” method is to ask the customer to sign thepayment payload and then if later a dispute occurs between the customerand the merchant the signature given can be compared to the one storedin the credit payment provider's database.

Another major weakness lays in the physical structure of the creditcard. The information recorded on the magnetic strip and/or the chipincluded in the card is not encrypted and can easily be copied.

None of the above mentioned methods are immune to fraud and theft. Theonly way to overcome these deficiencies is to include an additional (oralternative) security element that cannot be stolen, for example, abiometric element. Biometric data received from a biometric sensor, suchas, a camera, a video camera, a fingerprint detector and the like, canbe used to authenticate the identity of the customer. In a case that theidentified customer was previously associated with a credit card, thisassociation may further be used as the payment method as will be broadlydiscussed below.

SUMMARY OF THE INVENTION

Some aspects of the invention may be related to a system for payment ina point of sale. The system may include one or more payment units andone or more remote servers. In some embodiments, each payment unit mayinclude one or more biometric sensors; a communication unit including afirst cannel for communicating with a cash register and a second channelfor communicating with the one or more remote servers; and a localprocessor configured to: receive biometric data of a person from the oneor more biometric sensors; receive a request for payment from the cashregister, via the first channel; encrypt the received biometric data andthe received request for payment to form a first encrypted massage; sendthe first encrypted massage to the one or more remote servers, via thesecond channel; decrypt a second encrypted massage received from theremote server, via the second channel, including a payment confirmationfrom a payment processor; and send the payment confirmation to the cashregister, via the first channel. In some embodiments, at least oneremote server from the one or more remote servers may be configured to:decrypt the first encrypted message; compare the biometric data tostored identified biometric data; determine an identity score for thebiometric data based on the comparison; send the request for payment andpayment account details associated with the biometric data to thepayment processor if the determined identity score is above a thresholdvalue; receive the payment confirmation from the payment processor;encrypt the payment confirmation code to form the second encryptedmessage; and send the second encrypted message to the payment unit.

In some embodiments, the biometric data may include data received fromtwo or more types of biometric sensors. In some embodiments, the atleast one remote server may be further configured to: receive anadditional data related to the person; and determine the identity scorefor the biometric data also based on the additional data. In someembodiments, each of the one or more remote servers is furtherconfigured to: verify that the first and second channels are authorizedcommunication channels prior to receiving the first incepted message.

In some embodiments, the first channel may be configured to send andreceive the first and second encrypted messages via an encryptedcommunication protocol. In some embodiments, the system may furtherinclude: an intercepting unit configured to: send the payments unit therequest for payment from the cash register; and send the paymentconfirmation from the payment unit to the cash register.

In some embodiments, the local controller may further be configured to:receive, via an input device, payment account details associated withthe person and the first encrypted massage may further include thepayment account details. In some embodiments, the remote server mayfurther be configured to: associate the biometric data of the personwith the payment account details. In some embodiments, the remote servermay further be configured to: send to a mobile device associated withthe person a message; receive from the mobile device a response to thesent message; and verify the identity of the person based on receivedresponse. In some embodiments, each of the one or more remote serversmay further be configured to: receive a plurality of first encryptedmessages, over a period of time, each of the first encrypted message mayinclude biometric data of the same person; compare the receivedbiometric data to stored identified biometric data; determine identityscores for the received biometric data based on the comparison; andupdate the threshold value based on the determined identity scores.

Some additional aspects of the present invention may be directed to amethod of payment in a point of sale. The method may include receivingbiometric data of a person from one or more biometric sensors; receivinga request for payment from a cash register; encrypting the receivedbiometric data and the received request for payment to form a firstencrypted massage; sending the first encrypted massage to a remoteserver; decrypting the first encrypted message, by the remote server;comparing the biometric data to stored identified biometric data;determining an identity score for the biometric data based on thecomparison; sending the request for payment and payment account detailsassociated with the biometric data to a payment processor if thedetermined identity score is above a threshold value; receiving apayment confirmation from the payment processor; encrypting the paymentconfirmation to form a second encrypted message; and sending the secondencrypted message to a payment unit; decrypting the second encryptedmassages received from the remote server including the paymentconfirmation from the payment processor; and sending the paymentconfirmation to the cash register.

In some embodiments, the biometric data may include data received fromtwo or more types of biometric sensors. In some embodiments, the methodmay further include receiving an additional data related to the personand determining the identity score for the biometric data also based onthe additional data. In some embodiments, the method may further includereceiving, via an input device, payment account details associated withthe person and the first encrypted massage further includes the paymentaccount details; and associating the biometric data of the person withthe payment account details.

In some embodiments, the method may further include: sending to a mobiledevice associated with the person a message; receiving from the mobiledevice a response to the sent message; and verifying the identity of theperson based on received response. In some embodiments, the method mayfurther include: receiving a plurality of first encrypted messages, overa period of time, each of the first encrypted message may includebiometric data of the same person; comparing the received biometric datato stored identified biometric data; determining identity scores for thereceived biometric data based on the comparison; and updating thethreshold value based on the determined identity scores.

Some additional aspects of the present invention may be directed to amethod of associating biometric data with a person. The method mayinclude receiving biometric data of a person from one or more biometricsensors; receiving payment account details associated with the person;encrypting the received biometric data and the received payment accountdetails to form a first encrypted massage; sending the first encryptedmassage to one or more remote servers; decrypting the first encryptedmessage, by the one or more remote servers; and associating thebiometric data of the person with the payment account details.

In some embodiments, the method may further include: receiving a requestfor payment from a cash register; encrypting the request for payment tobe included in the first encrypted massage; determining an identityscore for the biometric data; sending the request for payment and thepayment account details associated with the biometric data to a paymentprocessor if the determined identity score is above a threshold value;receiving a payment confirmation from the payment processor; encryptingthe payment confirmation to form the second encrypted message; sendingthe second encrypted message to a payment unit; decrypting the secondencrypted massages received from the remote server including the paymentconfirmation from the payment processor; and sending the paymentconfirmation to the cash register.

In some embodiments, the biometric data may include data received fromtwo or more types of biometric sensors. In some embodiments, the methodmay further include receiving an additional data related to the person;and determining the identity score for the biometric data may also bebased on the additional data.

BRIEF DESCRIPTION OF THE DRAWINGS

The subject matter regarded as the invention is particularly pointed outand distinctly claimed in the concluding portion of the specification.The invention, however, both as to organization and method of operation,together with objects, features, and advantages thereof, may best beunderstood by reference to the following detailed description when readwith the accompanying drawings in which:

FIG. 1 is a high level block diagram of a system for payment in a pointof sale according to some embodiments of the invention;

FIG. 2 is a flowchart of a method of payment in a point of saleaccording to some embodiments of the invention;

FIG. 3 is a flowchart of a method of payment in a point of saleaccording to some embodiments of the invention; and

FIG. 4 is a high level block diagram of a computing system according tosome embodiments of the invention.

It will be appreciated that for simplicity and clarity of illustration,elements shown in the figures have not necessarily been drawn to scale.For example, the dimensions of some of the elements may be exaggeratedrelative to other elements for clarity. Further, where consideredappropriate, reference numerals may be repeated among the figures toindicate corresponding or analogous elements.

DETAILED DESCRIPTION OF THE PRESENT INVENTION

In the following detailed description, numerous specific details are setforth in order to provide a thorough understanding of the invention.However, it will be understood by those skilled in the art that thepresent invention may be practiced without these specific details. Inother instances, well-known methods, procedures, and components,modules, units and/or circuits have not been described in detail so asnot to obscure the invention. Some features or elements described withrespect to one embodiment may be combined with features or elementsdescribed with respect to other embodiments. For the sake of clarity,discussion of same or similar features or elements may not be repeated.

Although embodiments of the invention are not limited in this regard,discussions utilizing terms such as, for example, “processing,”“computing,” “calculating,” “determining,” “establishing”, “analyzing”,“checking”, or the like, may refer to operation(s) and/or process(es) ofa computer, a computing platform, a computing system, or otherelectronic computing device, that manipulates and/or transforms datarepresented as physical (e.g., electronic) quantities within thecomputer's registers and/or memories into other data similarlyrepresented as physical quantities within the computer's registersand/or memories or other information non-transitory storage medium thatmay store instructions to perform operations and/or processes. Althoughembodiments of the invention are not limited in this regard, the terms“plurality” and “a plurality” as used herein may include, for example,“multiple” or “two or more”. The terms “plurality” or “a plurality” maybe used throughout the specification to describe two or more components,devices, elements, units, parameters, or the like. The term set whenused herein may include one or more items. Unless explicitly stated, themethod embodiments described herein are not constrained to a particularorder or sequence. Additionally, some of the described methodembodiments or elements thereof can occur or be performedsimultaneously, at the same point in time, or concurrently.

Some aspects of the invention may be directed to a system and a methodfor proving automatic payment service in a point of sale using biometricdata. A customer approaching a point of sale (e.g., a cash register)with goods to be purchased, may use the service to pay for the goodsonly by being identified using his/her biometric parameters. A paymentunit according to some embodiments of the invention may be incommunication with a cash register (or with an automatic self-checkoutmachine) for receiving a request for payment and may further include oneor more biometric sensors for gathering biometric data of a person. Thecustomer may be asked by the merchant (or by an automatic self-checkoutmachines) to allow the one or more biometric sensors to take a pictureof the customer and/or place his/her hand on a fingerprint reader, orthe like.

In some embodiments, the payment unit may than send the biometric dataand the request for payment to a service center that may include one ormore remote servers. The biometric data may be used to identify thecustomer and that identification may be used for associating thecustomer to previously stored payment account associated with the user,for example, credit card details, gift cards details, food cardsdetails, bank accounts details and the like.

As disclosed herein, embodiments related to credit card details are alsoapplicable with other payment accounts related to a specific user, suchas gift cards, food cards, bank accounts, crypto currencies accounts,and the like. The credit card details and the request for payment maythen be sent to a payment processor for completing the payment andreceiving a payment payload. The payment payload may be sent from theservice center to the payment unit and then to the cash register tocomplete the purchase. From the customer's point of view it is “pay bygiving a picture (or any other biometric data) process”. The paymentmethod according to embodiments of the invention may be simple, customerfriendly and much more secured than the currently existing paymentmethods, since nobody, except the credit card holder, may have thecredit card details or any physical contact with the credit card.

Reference is made to FIG. 1 which is a high level block diagram of asystem for securing transaction and/or payment in a point of saleaccording to some embodiments of the invention. A system 100 may includeone or more payment units 105 and a plurality of remote servers 160. Theplurality of servers may be included in a service center for supplyingpayment collecting services. Each of one of remote servers 160 may beconfigured to send requests for payment and payment account details(e.g., credit card details) to payment processors. Each one of servers160 may be authorized to send the requests for payment and the creditcard details to at least one payment processor under the PCI DSS.

Payment unit 105 may include: a local processing unit 110, acommunication unit 130 and one or more biometric sensors 140. In someembodiments, payment unit 105 may further include an additional sensor145 or be connected to an external device, for example, an RF antennaincluded, for example, in an RF based ID detector, a Bluetooth antennaand the like. In some embodiments, cash register 10 may be included inpayment unit 105. Local processing unit 110 may be, for example, acentral processing unit (CPU), a chip or any suitable computing orcomputational device (e.g., PC, mini PC, internet of things (IOT) deviceand the like). Local processing unit 110 may be configured to carry outmethods according to embodiments of the present invention by for exampleexecuting instructions stored in a memory such as a memory 120.

In some embodiments, local processing unit 110 may further include anoperating system that may include any code segment designed and/orconfigured to perform tasks involving coordination, scheduling,arbitration, supervising, controlling or otherwise managing operation ofprocessing unit 110, for example, scheduling execution of programs. Theoperating system may be a commercial operating system. Memory 120 may beor may include, for example, a Random Access Memory (RAM), a read onlymemory (ROM), SSD (Solid state drive), a Dynamic RAM (DRAM), aSynchronous DRAM (SD-RAM), a double data rate (DDR) memory chip, a Flashmemory, a volatile memory, a non-volatile memory, a cache memory, abuffer, a short term memory unit, a long term memory unit, or othersuitable memory units or storage units. Memory 120 may be or may includea plurality of, possibly different memory units.

Memory 120 may store any executable code, e.g., an application, aprogram, a process, task or script. The executable code may includecodes for controlling a payment unit or instruction for executingmethods according to embodiments of the present invention. Theexecutable code may be executed by processing unit 110 possibly underthe control of an operating system. In some embodiments, payment unit110 may further include an additional storage unit for storing data ormay use memory 120 for storing data.

Communication unit 130 may include two different communication channels.A first channel that may be configured to send and receive data fromcash register 10. The first channel may include a USB port (or any othersuitable port) for wired communication with cash register 10.Additionally, or alternatively, the first channel may wirelesslycommunicate with cash register 10, for example, via Wi-Fi, Bluetooth,Near Field Communication (NFC), or the like. In some embodiments, a USBkey dongle may be connected to a USB port in cash register 10 to formthe wireless communication with payment unit 105. For example, the USBkey dongle may hardware and software elements for communicating withpayment unit 105. In some embodiments, the first channel may communicatewith cash register 10 via the internet. In some embodiments, when cashregister 10 is included in payment unit 105, the first channel may be aninternal channel inside payment unit 105. A second channel may beconfigured to communicate with one or more remote servers 160, forexample, via the internet (e.g., using: GSM 2G-4G, long term evolution(LTE), Internet Protocol Suite or TCP/IP model or TCP/IP stack, OSIprotocols and the like) . The second channel may include wired (e.g.,LAN communication port) or wireless (e.g., Wi-Fi antenna) devices. Insome embodiments, the first channel and the second channel may be thesame channel configured to alternately communicate with one or moreremote servers 160 and cash register 10.

In some embodiments, both the first channel and the second channel maybe authorized channels. All communication may be encrypted to form anend-to-end secured communication between remote servers 160 and paymentunit 105. In some embodiments, the second channel may be configured touse an encrypted communication protocol to send and receive messages toand from one or more remote servers 160.

One or more biometric sensors 140 may include any sensors that cancollect biometric data (e.g., metrics related to human characteristics).For example, sensor 140 may be any camera at any resolution and anypixel density (e.g., camera, video camera, IR camera or the like) thatis configured to take a picture of a person (e.g., the face (for facerecognition), half body or full body) or a stream of images (e.g., avideo). In another example, sensor 140 may be a fingerprint reader(e.g., a digital camera, ultrasonic sensor or the like) for capturing atleast one fingerprint of a person (for finger print recognition). In yetanother example, sensor 140 may include camera(s) for capturing an irisof a person, for iris recognition, using visible light and/or near IRcameras. In yet another example, sensor 140 may be or may include amicrophone for recording voice samples from the customer (e.g., forperforming voice recognition). In some embodiments, local processingunit 110 may be configured to processes images received from one or moresensors 140 and to extract the biometrics from the images. Additionally,or alternatively, the processing may be done by one or more servers 160.

In some embodiments, a customer approaching cash register 10 may chooseto pay for goods using the secured method according to some embodiments.Such a customer may be asked to let one or more sensors 140 take his/herpicture, fingerprint, iris picture, voice sample, and/or the like. Thebiometric data collected by sensor 140 may include a single type ofbiometric data (e.g., a voice sample) or a combination of two or moretypes of biometric data (e.g., a picture and a fingerprint). Thebiometric data collected by sensor 140 may be used to identify thecustomer (e.g., by sever 160) and associated the identified customerwith payment account details (e.g., credit card details) of the person,for example, the credit card number, the expiration date, the cardholder name and the amount to authorize/capture.

In some embodiments, payment unit 105 may further include a userinterface 150. User interface 150 may be or may include a screen (e.g.,a monitor, a display, a CRT, etc.), a pointing device and an audiodevice. User interface 150 may include or be associated with other inputdevices such as, a keyboard. The pointing device may be a mouse, a touchscreen, a pad and the like. In some embodiments, user interface 150 maybe included in cash register 10 and payment unit 105 may communicate(via communication unit 130) with user interface 150.

In some embodiments, payment unit 105 may include a card reader 155 forreading credit cards. Card reader 155 may be connected either wirelesslyor by wire communication to processing unit 110. A customer approachingpayment unit 105 may be required during a registration stage (discussedwith respect to the flowchart of FIG. 2) to pass his/her credit card inorder to associate the biometric data received from one or morebiometric sensors 140 with the credit card details of the customer.

In some embodiments, system 100 may further include an intercepting unit190 for connecting payment unit 105 to cash register 10. Interceptingunit 190 may be connected to payment unit 105 and/or cash register 10via wired or wireless communication, for example, using a USB port.

In some embodiments, an additional security level may be applied inorder to fully confirm the identity of the customer. Payment unit 105may receive from additional sensor 145 or other external deviceadditional information related to the identity of the person. Forexample, additional sensor 145 may identify a mobile device 20 held bythe person, for example, by detecting using RF based ID detector theMedia Access Control (MAC) address of mobile device 20. In someembodiments, additional sensor 145 may identify a plurality of MACaddresses of mobile devices located in proximity to payment unit 105 andprocessing unit 110 may be configured to associate at least one of theMAC addresses with the biometric data.

In some embodiments, another security level may be applied in order tofully confirm the identity of the customer. In some embodiments, system100 may be configured to send and receive messages to and from a mobiledevice 20 associated with the paying customer. Mobile device 20 may beany mobile computing device, such as for example, a laptop, a tablet, asmartphone and the like. In some embodiments, mobile device 20 may be adesignated device that is configured mainly to communicate withcommunication unit 130. For example, mobile device 20 may include anantenna for short range communication such as: Bluetooth communication,NFC communication and the like. In such embodiments, communication unit130 may be configured to detect that mobile device 20 is within acertain transmission range (e.g., less than 1.5 meters, few centimeters,etc.) from payment unit 105, thus activate a communication channelbetween mobile device 20 and payment unit 105.

In some embodiments, the details stored in the one or more remoteservers 160 may include communication details of mobile devices, such asa mobile phone number, an e-mail address, MAC addresses and the like.Each of the communication details may be associated with an identifiedperson and payment account details (e.g., credit card details). System100 may communicate with mobile device 20 using any known communicationmethod such as Wi-Fi, Bluetooth, NFC and the like.

In some embodiments, once system 100 has identified the customer basedon the given biometric data, the system may send a message to thecustomer's mobile device using the communication details stored in thesystem for that identified customer. The message can include: an SMS,push notification message, an e-mail, activation of an application, orthe like. The message may include a request to perform an act by theuser, for example, a link the user must open, a message the user mustsend back, a button (e.g., on the screen) the user must touch or thelike. The act performed by the user may send to system 100 a response tothe message sent by system. Once the response has been received, system100 may further confirm the identity of the customer and may proceedwith the payment as will be broadly discussed below.

In some embodiments, system 100 (e.g., server 160) may further receivefrom mobile device 20 the biometric data of the customer. For example,the customer can take his/her own picture “a selfie” and/or his/herfingerprint using the mobile device camera or fingerprint reader andsend it to at least one server 160.

In some embodiments, before using the payment system of FIG. 1 acustomer will be required to register into the system in order toassociate his/her biometric data with his/her credit card details. Theregistration and enrolment process may be done in several ways. Forexample, in the first time a customer is approaching payment unit 105he/she may be requested to register to the service of automatic paymentby a biometric data offered according to some embodiments of theinvention. The customer may approach payment unit 105 in order topurchase goods or just to register for the service. In another example,the customer may register using his/her mobile device. The customer mayrun an application that may ask the customer to enter a real-time“selfie” and payment account details (e.g., credit card details), forexample, manually entered, scanned via OCR or any other means of readingthe card. In yet another example, the registration may be conducted in akiosk for picking up credit cards when the customer is coming to collecthis/her credit card. In such a case an automatic machine may offer tothe customer to give biometric data and send the credit card details andthe biometric data to one or more servers 160. In yet another example, avending machine or an ATM may offer the customer the option to registerto the service. I such a case the vending machine or the ATM may beassociated with one or more biometric sensors (e.g., a camera located inproximity to the ATM) and while the person is purchasing goods/drawingmoney a photo/video/fingerprint of the customer may be taken andassociated with his/her credit card details.

Reference is now made to FIG. 2 which is a flowchart of a method ofsecuring transaction and/or payment in a point of sale according to someembodiments of the invention. The method of FIG. 2 may be performed bysystem 100 of FIG. 1 and may include a method of associating biometricdata with a person. The method of associating biometric data with aperson may be performed by other systems.

In operation 205, embodiments may include receiving biometric data of aperson from one or more biometric sensor. For example, local processingunit 110 may receive from one or more biometric sensors 140 a capturedbiometric data such as, a picture, a fingerprint, voice sample, an irispicture, a video recording and any combination thereof, of a person(e.g., the customer) approaching payment unit 105 with goods to bepurchase. Local processing unit 110 (or later server 160) may furtherprocess the captured biometric data to extract metrics related to thecustomer's characteristics. For example, if the captured biometric datais a photo of the face of the customer, processing unit 110 or server160 may perform a face recognition process by extracting landmarks, orfeatures from the photo. A face recognition algorithm may analyze therelative position, size, and/or shape of the eyes, nose, cheekbones, andjaw.

In another example, biometric sensor 140 may capture a video recordingof the person (e.g., customer) and processing unit 110 and/or server 160may analyze typical movements of the person to form the biometric data.In yet another example, biometric sensor 140 may be a microphoneconfigure capture voice samples of the customer and processing unit 110and/or server 160 may perform a voice recognition analysis of the voicesamples to form the biometric data. In some embodiments, the processedbiometric data may include extract metrics related to the customer'scharacteristics received from more than one type of biometric sensor.For example, the biometric data may include data received from a cameraand a microphone.

Alternatively, the one or more biometric sensors may be included in aregistration unit (e.g., a kiosk for picking credit cards) placed in abank, a post office and the like, and the customer collecting his/hercredit card for the first time may be offered to register to theautomatic payment service according to embodiments of the invention, bygiving biometric data. In another option, the one or more biometricsensors may be included in the customer's mobile device (e.g., device20) and the customer may send to one or more servers 160 a real time“selfie” and/or a fingerprint taken by mobile device 20. For example, aregistration application running on mobile device 20 may request thecustomer to take and send a picture of him/her self. In someembodiments, a security code for activating mobile device 20 may use asa “second security measurement” when using mobile device 20 forregistration. For example, a security code and/or a fingerprint may berequired for activating the registration application prior to sendingthe “selfie” or finger print and the payment account details (e.g.,credit card details).

In operation 210, embodiments may include receiving payment accountdetails (e.g., credit card details) associated with the person. Forexample, credit card details may include: credit card number, expirationdate, card holder name and amount to authorize/capture. Other accountdetails may include, account number, owner's ID number and the like. Thecredit card details may be received from card reader 155 included inpayment unit 105. Alternatively, the credit card details may be receivedfrom cash register 10, when a merchant or the customer passes the creditcard, or other cards in a card reader included or associated with cashregister 10. In another option, the credit card details may be receivedfrom a server of a credit card collecting kiosk , when the customerarrive to the kiosk to collect the credit card and gives his/herbiometric data. In yet another option, the payment account details(e.g., credit card details) may be received from a mobile deviceassociated with the customer. The customer may activate the registrationapplication running on device 20 that may ask the customer to givebiometric data and enter the payment account details (e.g., credit carddetails).

In operation 215, embodiments may include receiving a request forpayment from a cash register (e.g., cash register 10). The request maybe received when the customer would like in addition to being registeredto the service, buy some goods. A merchant (or the customer at aself-checkout) may enter the prices of the goods (e.g., by reading a barcode) and cash register 10 may calculate the amount to be paid and issuea request for payment.

In some embodiments, the method may further include receiving anadditional data related to the person, for example, form additionalsensor 145 or directly from mobile device 20. The additional data may berelated to a mobile device held by the person. The additional data maybe for example, a MAC address.

In operation 320, embodiments may include encrypting the receivedbiometric data and the received credit card details to form a firstencrypted message. In some embodiments, the additional data may beincluded in the first encrypted message. In some embodiments, the firstencrypted message may further include the request for payment. Forexample, the biometric data may include the one or more capturedbiometric data (signals) (e.g., captured image, recorded voice, recordedvideo and/or the like) taken by biometric sensors 140 (e.g., photo ofthe face and/or fingerprint) or data extracted from the capturedbiometric data. In some embodiments, local processing unit 110 mayperform any encryption process known in the art in order to encrypt thereceived biometric data, the received payment account details (e.g.,credit card details) and/or the request for payment and to form thefirst encrypted message. In some embodiments, the registration unit inthe kiosk or the registration application running on the customer'smobile device may perform the encryption and form the first encryptedmessage.

In some embodiments, the encryption (and decryption) may include anyencryption/decryption methods known in the art. For example, theencryption may be done using cyclic redundancy check (CRC) which is anerror-detecting code commonly used in digital networks and storagedevices to detect accidental changes to raw data. In another example,the encryption may be done using a Secure Sockets Layer (SSL) which is astandard security technology for establishing an encrypted link betweena web server and a browser. In yet another example, the encryption maybe done using a Hardware Security Module (HSM) which is a physicalcomputing device that safeguards and manages digital keys for strongauthentication and provides crypto-processing.

In operation 225, embodiments may include sending the first encryptedmessage to one or more remote servers. Local processing unit 110, theregistration unit or the mobile device registration application, maysend the first encrypted message to one or more remote servers 160, forexample, via the internet. In some embodiments, local processing unit110, the registration unit or the mobile device registrationapplication, may send the first encrypted message to a service center(e.g., in a cloud) and the service center may decide to which one of theone or more remote servers 160 to progress the first encrypted messagebased, for example, on availability.

In operation 230, embodiments may include decrypting the first encryptedmessage, by the one or more remote servers. Each one of remote servers160 that received the first encrypted message may be configured todecrypt the encryption using any known method. After decrypting themessage remote server 160 may further process the received information.

In operation 235, embodiments may include associating the biometric dataof the person with the payment account details (e.g., credit carddetails). For example, each of remote servers 160 may be configured toassociate the biometric data with the name of the credit card holder(e.g., the customer), the credit card number, the expiration date, andthe like. In order to further verify that the customer from which thebiometric data was taken is the payment account owner (e.g., credit cardholder) (or a person authorized by the credit card holder to use thecredit card) a manual authentication may be performed, for example, bythe merchant or the banker in which the customer may further be requiredto show an ID card or supply identification data, such as ID number,passport number, date of birth and the like.

In some embodiments, after the end of operation 235, the customer may beregistered to the automatic payment service. Accordingly, the next timethe customer would like to pay for goods at any store that uses theautomatic payment service and has at least one payment unit 105, thecustomer may do so just by providing a biometric data to system 100(e.g., by letting a camera of sensor 140 take the customer's photo).This payment method will be discussed with respect to the flowchart ofFIG. 3.

In some embodiments, if during the registration process the customer mayfurther be interesting in purchasing goods, embodiments of the method ofFIG. 2 may include determining an score (e.g., an initial identityscore) for the biometric data (operation 240). The initial score may bedetermined based on data and metadata extracted from biometric data. Forexample, the number of images needed to be taken until a solid biometricdata can be extracted, a location at which the biometric data was taken(for example, a supermarket at potential fraud committing areas (areaswith high crime rates)) and like. In some embodiments, the initialidentity score may further be determined based on the amount and type ofbiometric data. For example, a higher identity score may be given tobiometric data that includes face metrics, voice metrics and fingerprintmetrics in comparison to data that includes only face metrics. In someembodiments, the initial identity score may further be determined basedon additional data. For example, if an additional data related to amobile device operated by the customer is received (e.g., MAC address)and associated with the person, the biometric data may receive a higherinitial score.

In operation 245, embodiments may include sending the request forpayment and the payment account details (e.g., credit card details)associated with the biometric data to a payment processor

In operation 250, embodiments may include receiving a payment payloadfrom the payment processor. The payment payload may then be encrypted byone or more remote servers 160 to form a second encrypted message, inoperation 255.

In operation 260, embodiments may include sending the second encryptedmessage to a payment unit. One or more remote servers 160 may sendprocessing unit 110 via communication unit 130 the encrypted paymentpayload. Local processing unit 110, receiving the second encryptedmessage may, in operation 265, decrypt the second encrypted messagesreceived from the remote server including the payment payload from thepayment processor. Local processing unit 110 may then, send the paymentpayload to cash register 10 (e.g., via a first channel), in operation270.

Reference is now made to FIG. 3 which is a flow chart of a method ofsecuring transaction and/or payment in a point of sale according to someembodiments of the invention. The method of FIG. 3 may be performed bysystem 100 of FIG. 1. Operation 305 may be substantially similar tooperation 205 and operation 310 may be substantially similar tooperation 215 of the method of FIG. 2. In operation 315, the embodimentsmay include encrypting the received biometric data and the receivedrequest for payment to form a first encrypted message. In someembodiments, the additional data may be included in the first encryptedmessage, as discussed above. The biometric data may include the capturedbiometric data taken by biometric sensor 140 (e.g., photo of the face, avoice sample and/or a fingerprint) or data extracted from the capturedbiometric data. Local processing unit 110 may perform any encryptionprocess known in the art in order to encrypt the received biometricdata, the additional data, and the request for payment and to form thefirst encrypted message.

Operations 320 and 325 of FIG. 3 may be substantially the same asoperations 225 and 230 of FIG. 2, that were broadly discussed above. Inoperation 330, embodiments may include comparing the biometric data tostored identified biometric data. In some embodiments, one of remoteservers 160 may compare the biometric data extracted from thephotos/fingerprints/etc. received from one or more biometric sensors 140with biometric data stored for identified persons and associated withpayment account details (e.g., payment account details (e.g., creditcard details). For example, remote server 160 may scan all the biometricdata stored in one or more remote servers 160 to find the closest matchto the received biometric data.

In operation 325, embodiments may include determining an identity scorefor the biometric data based on the comparison between the receivedbiometric data and the stored biometric data. Once a potential match wasfound, remote server 160 may be configured to estimate how strong thematching is and to give an identity score. For example, in a facerecognition processes if a match was found in 4 out of 5 facial featuresan identity score of 0.8 may be given to the comparison. In yet anotherexample, if in a face recognition processes a match was found in 3 outof 5 facial features but in an additional voice recognition process amatch was found in 3 out of 5 voice features, an identity score of 0.8may be given to the comparison although lower scores was given to eachrecognition process separately.

In some embodiments, the identity score for the biometric data mayfurther be determined based on the additional data. For example, theadditional data received from sensor 145 may include data related to amobile device (e.g., MAC address). Remote server 160 may be configuredto compare the data with stored data related to the mobile device of theperson. If a match is found, the identity score may be given a highervalue (e.g., 0.9) even if the comparison of the biometric data isresulted in a lower value (e.g., 0.6). In some embodiments, the datarelated to a mobile device may include a plurality of MAC addressreceived from a plurality of mobile devices present in a detectiondistance from sensor 145. In such case remote server 160 may beconfigured to detect in the plurality of MAC address the one associatedwith the person from which the biometric data was received.

In operation 340, embodiments may include sending the request forpayment and payment account details (e.g., credit card details)associated with the biometric data to a payment processor if thedetermined identity score is above a threshold value. Remote server 160may send the request for payment the payment account details (e.g.,credit cards details) associated with the biometric data (e.g., inoperation 235 of the method of FIG. 2) to the payment processor, if theidentity score is above a predetermined threshold value (e.g., 0.7).

In some embodiments, the predetermined threshold value may change andupdated in time. For example, when a customer reputedly uses theautomatic payment method according to embodiment of the invention, aplurality of biometric data files (e.g., data extracted from a pluralityof photos) may be received by system 100. For example, when receiving aplurality of first encrypted messages for the same customer, over aperiod of time, each of the first encrypted message may includebiometric data of the same person. Therefore, each newly receivedbiometric data may be compared to at least some the identified biometricdata previously stored. Since for each received biometric data anidentity score is determined, each new identity score may be used forupdating the threshold value. For example, if during a month a customerused system 100 for 5 times for paying for goods and in the process 5identity scores may be given to the biometric data given by thecustomer, 0.6, 0.5, 0.9, 0.75 and 0.85. In some embodiments, remoteserver 160 may be configured to update the initial given threshold value(e.g., 0.7) with the mean threshold value 0.72 of the all the 5determined identity scores. In some embodiments, remote server 160 maybe configured to select an updated threshold value based on the numberof received and identified biometric data. The higher the number ofreceived and identified biometric data the higher will be the thresholdvalue. For example, if the initial threshold value for the first 5 usesof system 100 may be 0.7, the threshold value may rise to 0.75 for thenext 15 uses and to 0.8 for the next 30 uses. The more the customer usessystem 100, the higher is the confidant of the bio-metric identificationprocess and a higher threshold value is set.

In some embodiments, in order to further verify the identity of thecustomer holding the credit card or the account owner, the method mayinclude sending to a mobile device associated with the customer (e.g.,the credit card holder) a message. One or more remote servers 160 maystore together with the payment account details (e.g., credit carddetails) communication details (e.g., mobile phone numbers, emailaddresses or the like) of the credit card holders (or an authorizedusers). After associating the biometric data to the payment accountdetails (e.g., credit card details), server 160 may send a message suchas, SMS or email to the mobile device using the stored communicationdetails. The message may include a link or a request to send a responsemessage in response to the send message. The response may include,opening a link, sending an SMS or the like. In some embodiments, theresponse may include an automatic message and response received from anNFC token (chip) based on magnetic field induction. A designated NFCtoken may be included mobile device 20 and when mobile device is withina small distance (e.g., several centimeters) communication unit 130 mayrecognized the designated token of mobile device 20 and verify device 20and/or the identity of the customer holding device 20. In someembodiments, the method may include verifying the identity of the personbased on received response. For example, remote server 160 may send therequest for payment to the payment processor only if the right responsemessage was received.

In some embodiments, the need to use such an additional authenticationmethod may be determine by server 160 according to a fraud expectancyrule that may determine if there is a high probability (e.g., higherthan a threshold value) that a fraud act has been performed. Forexample, if the credit card was used distinguishably different thanformer usage of that credit card (e.g., at odds hours (e.g., in themiddle of the night), for purchasing different good (e.g., alcoholinstead of groceries and the like) that may indicate that the creditcard has been stolen. In such a case a message may be send to the mobiledevice associate with the user that requires from the user to verify thepurchase and further to enter a code known only to the user oradditional biometric data, such as, a fingerprint.

In some embodiments, a single credit card or a single payment accountmay be associated with a plurality of users (e.g., customers) forexample, several workers in an office that are authorized to use theoffice's credit card, several family members that are authorized to usethe same credit card and the like. In such an embodiment, server 160 maystore data related to the plurality of users (e.g., biometric data,mobile devices, pin codes and the like) and associate them with a singlecredit card or other payment account. Each member of the plurality ofusers may be required to separately register to the payment serviceaccording to embodiments of the invention, using any of the methodsdisclosed above.

In some embodiments, a single user may be associated with a plurality ofcredit cards, gift cards a bank account and the like. Such a customersubscribing to the payment service according to embodiments of theinvention, using any of the methods disclosed above, may enter severalaccount details. For example, after providing the biometric data (e.g.,give a fingerprint, take a photo and the like) the customer may enter afirst credit card details, a second credit card details, a gift carddetails and a bank account details and server 160 may associate thebiometric data with all the given payment accounts details. In someembodiments, for a customer associate with a plurality of paymentaccounts (e.g., plurality of credit cards, gift cards a bank account andthe like) the method may include asking the customer which one of theassociated payment accounts is to be used for purchasing goods in thepoint of sale. Server 160 may display on mobile device 20 a request toselect the payment account and may include in the first encryptedmessage the selected payment account and the received biometric data.

Operations 345-365 of FIG. 3 are substantially the same as operations250-270 of FIG. 2 that were discussed above.

Reference is now made to FIG. 4 which is a high level block diagram of acomputing system according to some embodiments of the invention. Asystem 1000 may be included in payment unit 105 or in other componentsof system 100. According to other embodiments, system 1000 may includeone or more of the components of system 100. System 1000 A may include acomputer processing unit 110 (e.g., that may be similar to processingunit 110 of system 100), a storage unit 125 and a user interface 135.Processing unit 110 may include a processor 112 that may be, forexample, a central processing unit (CPU), a chip or any suitablecomputing or computational device, an operating system 114 and a memory116. System 1000 may be included in a desktop computer, laptop commuter,a tablet, a mainframe computer or the like. Processor 112 may beconfigured to carry out methods according to embodiments of the presentinvention by for example executing instructions stored in a memory suchas memory 116.

Operating system 114 may be or may include any code segment designedand/or configured to perform tasks involving coordination, scheduling,arbitration, supervising, controlling or otherwise managing operation ofprocessing unit 110, for example, scheduling execution of programs.Operating system 114 may be a commercial operating system. Memory 116may be or may include, for example, a Random Access Memory (RAM), a readonly memory (ROM), SSD (Solid state drive), a Dynamic RAM (DRAM), aSynchronous DRAM (SD-RAM), a double data rate (DDR) memory chip, a Flashmemory, a volatile memory, a non-volatile memory, a cache memory, abuffer, a short term memory unit, a long term memory unit, or othersuitable memory units or storage units. Memory 116 may be or may includea plurality of, possibly different memory units.

Memory 116 may store any executable code, e.g., an application, aprogram, a process, task or script. The executable code may includecodes for controlling the display of an image stream or any other codesor instruction for executing methods according to embodiments of thepresent invention. The executable code may be executed by processor 112possibly under control of operating system 114.

Storage 125 may be or may include, for example, a hard disk drive, afloppy disk drive, a Compact Disk (CD) drive, a CD-Recordable (CD-R)drive, a universal serial bus (USB) device, a SSD (Solid state drive),or other suitable removable and/or fixed storage unit. Content may bestored in storage 120 and may be loaded from storage 120 into memory 116where it may be processed by processor 112. For example, storage 120 mayinclude an image stream including a plurality of image frames, datarelated to the image frames and/or data related to abnormal findings orsuspicious behavior according to embodiments of the invention.

User interface 135 may be or may include a screen (e.g., a monitor, adisplay, a CRT, etc.), a pointing device and an audio device. Userinterface 130 may include or be associated with other input devices suchas, a keyboard. The pointing device may be a mouse, a touch screen or apad or any other suitable device that allows a user to control (e.g., byhand or finger movements) a pointing indicator (e.g., a cursor) locatedon the screen. In some embodiments, the screen and the pointing devicemay be included in a single device, for example, a touch screen. Userinterface 135 may include audio device such as one or more speakers,earphones and/or any other suitable audio devices. It will be recognizedthat any suitable number of output devices may be included in userinterface 135. Any applicable input/output (I/O) devices may beconnected to processing unit 110. For example, a wired or wirelessnetwork interface card (NIC), a modem, printer or facsimile machine, auniversal serial bus (USB) device or external hard drive may be includedin user interface 135.

Embodiments of the invention may include an article such as a computeror processor non-transitory readable medium, or a computer or processornon-transitory storage medium, such as for example a memory, a diskdrive, or a USB flash memory, encoding, including or storinginstructions, e.g., computer-executable instructions, which, whenexecuted by a processor or controller, carry out methods disclosedherein.

The storage medium may include, but is not limited to, any type of diskincluding floppy disks, optical disks, compact disk read-only memories(CD-ROMs), rewritable compact disk (CD-RWs), and magneto-optical disks,semiconductor devices such as read-only memories (ROMs), random accessmemories (RAMs), such as a dynamic RAM (DRAM), erasable programmableread-only memories (EPROMs), flash memories, electrically erasableprogrammable read-only memories (EEPROMs), magnetic or optical cards, orany type of media suitable for storing electronic instructions,including programmable storage unit.

A system according to embodiments of the invention may includecomponents such as, but not limited to, a plurality of centralprocessing units (CPU) or any other suitable multi-purpose or specificprocessors or controllers, a plurality of input units, a plurality ofoutput units, a plurality of memory units, and a plurality of storageunits. A system may additionally include other suitable hardwarecomponents and/or software components. In some embodiments, a system mayinclude or may be, for example, a personal computer, a desktop computer,a mobile computer, a laptop computer, a notebook computer, a terminal, aworkstation, a server computer, a tablet computer, a network device, orany other suitable computing device. Unless explicitly stated, themethod embodiments described herein are not constrained to a particularorder or sequence. Additionally, some of the described methodembodiments or elements thereof can occur or be performed at the samepoint in time.

While certain features of the invention have been illustrated anddescribed herein, many modifications, substitutions, changes, andequivalents will now occur to those of ordinary skill in the art. It is,therefore, to be understood that the appended claims are intended tocover all such modifications and changes as fall within the true spiritof the invention.

1. A system for payment in a point of sale, comprising: a payment unit;and one or more remote servers, wherein the payment unit comprises: oneor more biometric sensors; a communication unit comprising a firstcannel for communicating with a cash register and a second channel forcommunicating with the one or more remote servers; and a local processorconfigured to: receive biometric data of a person from the one or morebiometric sensors; receive a request for payment from the cash register,via the first channel; encrypt the received biometric data and thereceived request for payment to form a first encrypted massage; send thefirst encrypted massage to the one or more remote servers, via thesecond channel; decrypt a second encrypted massages received from theremote server, via the second channel, comprising a payment confirmationfrom a payment processor; and send the payment confirmation to the cashregister, via the first channel, and wherein at lest one remote serverfrom the one or more remote servers is configured to: decrypt the firstencrypted message; compare the biometric data to stored identifiedbiometric data; determine an identity score for the biometric data basedon the comparison; send the request for payment and payment accountdetails associated with the biometric data to the payment processor ifthe determined identity score is above a threshold value; receive thepayment confirmation from the payment processor; encrypt the paymentconfirmation code to form the second encrypted message; and send thesecond encrypted message to the payment unit.
 2. The system of claim 1,wherein the biometric data comprises data received from two or moretypes of biometric sensors.
 3. The system of claim 1, wherein the atleast one remote server is further configured to: receive an additionaldata related to the person; and determine the identity score for thebiometric data also based on the additional data.
 4. The systemaccording to claim 1, each of the one or more remote servers is furtherconfigured to: verify that the first and second channels are authorizedcommunication channels prior to receiving the first encrypted message.5. The system according to claim 1, wherein the first channel isconfigured to send and receive the first and second encrypted messagesvia an encrypted communication protocol.
 6. The system according toclaim 1, further comprising: an intercepting unit configured to: sendthe payments unit the request for payment from the cash register; andsend the payment confirmation from the payment unit to the cashregister.
 7. The system according to claim 1, wherein the localcontroller is further configured to: receive, via an input device,payment account details associated with the person, and the firstencrypted massage further includes the payment account details; andwherein the remote server is further configured to: associate thebiometric data of the person with the payment account details.
 8. Thesystem according to claim 1, wherein the remote server is furtherconfigured to: send to a mobile device associated with the person amessage; receive from the mobile device a response to the sent message;and verify the identity of the person based on received response.
 9. Thesystem according to claim 1, wherein each of the one or more remoteservers is further configured to: receive a plurality of first encryptedmessages, over a period of time, each of the first encrypted messagecomprises biometric data of the same person; compare the receivedbiometric data to stored identified biometric data; determine identityscores for the received biometric data based on the comparison; andupdate the threshold value based on the determined identity scores. 10.A method of payment in a point of sale, comprising: receiving biometricdata of a person from one or more biometric sensors; receiving a requestfor payment from a cash register; encrypting the received biometric dataand the received request for payment to form a first encrypted massage;sending the first encrypted massage to a remote server; decrypting thefirst encrypted message, by the remote server; comparing the biometricdata to stored identified biometric data; determining an identity scorefor the biometric data based on the comparison; sending the request forpayment and payment account details associated with the biometric datato a payment processor if the determined identity score is above athreshold value; receiving a payment confirmation from the paymentprocessor; encrypting the payment confirmation to form a secondencrypted message; and sending the second encrypted message to a paymentunit, decrypting the second encrypted massages received from the remoteserver comprising the payment confirmation from the payment processor;and sending the payment confirmation to the cash register.
 11. Themethod of claim 10, wherein the biometric data comprises data receivedfrom two or more types of biometric sensors.
 12. The method of claim 10,further comprising: receiving an additional data related to the person;and determining the identity score for the biometric data also based onthe additional data.
 13. The method according to claim 10, furthercomprising: receiving, via an input device, payment account detailsassociated with the person, wherein the first encrypted massage furtherincludes the payment account details; and associating the biometric dataof the person with the payment account details.
 14. The method accordingto claim 10, further comprising: sending to a mobile device associatedwith the person a message; and receiving from the mobile device aresponse to the sent message; verifying the identity of the person basedon the received response.
 15. The method according to claim 10, furthercomprising: receiving a plurality of first encrypted messages, over aperiod of time, each of the first encrypted message comprises biometricdata of the same person; comparing the received biometric data to storedidentified biometric data; determining identity scores for the receivedbiometric data based on the comparison; and updating the threshold valuebased on the determined identity scores.
 16. A method of associatingbiometric data with a person, comprising: receiving biometric data of aperson from one or more biometric sensors; receiving payment accountdetails associated with the person; encrypting the received biometricdata and the received payment account details to form a first encryptedmassage; sending the first encrypted massage to one or more remoteservers; decrypting the first encrypted message, by the one or moreremote servers; and associating the biometric data of the person withthe payment account details.
 17. The method of claim 16, furthercomprises: receiving a request for payment from a cash register;encrypting the request for payment to be included in the first encryptedmassage; determining an identity score for the biometric data; sendingthe request for payment and the payment account details associated withthe biometric data to a payment processor if the determined identityscore is above a threshold value; receiving a payment confirmation fromthe payment processor; encrypting the payment confirmation to form thesecond encrypted message; and sending the second encrypted message to apayment unit, decrypting the second encrypted massages received from theremote server comprising the payment confirmation from the paymentprocessor; and sending the payment confirmation to the cash register.18. The method of claim 16, wherein the biometric data comprises datareceived from two or more types of biometric sensors.
 19. The methodaccording to claim 17, further comprising: receiving an additional datarelated to the person; and determining the identity score for thebiometric data also based on the additional data.